From: Tim Beale <timbeale@catalyst.net.nz>
Date: Tue, 3 Oct 2017 23:30:59 +0000 (+1300)
Subject: schema: Add option of specifying the base schema for a provision
X-Git-Tag: talloc-2.1.11~184
X-Git-Url: http://git.samba.org/samba.git/?p=kai%2Fsamba-autobuild%2F.git;a=commitdiff_plain;h=1f60f5b51a8f510461f218ee1a5fc2ebbc9ac625

schema: Add option of specifying the base schema for a provision

Add the ability to override the base schema files being used for the
new provision, e.g. instead of using the default supported schema,
the code can now potentially specify an older or newer schema to use.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---

diff --git a/python/samba/provision/__init__.py b/python/samba/provision/__init__.py
index 09bd2197901..5de986463a5 100644
--- a/python/samba/provision/__init__.py
+++ b/python/samba/provision/__init__.py
@@ -1355,6 +1355,12 @@ def fill_samdb(samdb, lp, names, logger, policyguid,
         protected1wd_descr = b64encode(get_config_delete_protected1wd_descriptor(names.domainsid))
         protected2_descr = b64encode(get_config_delete_protected2_descriptor(names.domainsid))
 
+        if "2008" in schema.base_schema:
+            # exclude 2012-specific changes if we're using a 2008 schema
+            incl_2012 = "#"
+        else:
+            incl_2012 = ""
+
         setup_add_ldif(samdb, setup_path("provision_configuration.ldif"), {
                 "CONFIGDN": names.configdn,
                 "NETBIOSNAME": names.netbiosname,
@@ -1378,7 +1384,7 @@ def fill_samdb(samdb, lp, names, logger, policyguid,
 
         setup_add_ldif(samdb, setup_path("extended-rights.ldif"), {
                 "CONFIGDN": names.configdn,
-                "INC2012" : "#",
+                "INC2012" : incl_2012,
                 })
 
         logger.info("Setting up display specifiers")
@@ -1968,7 +1974,8 @@ def provision(logger, session_info, smbconf=None,
         sitename=None, ol_mmr_urls=None, ol_olc=None, slapd_path=None,
         useeadb=False, am_rodc=False, lp=None, use_ntvfs=False,
         use_rfc2307=False, maxuid=None, maxgid=None, skip_sysvolacl=True,
-        ldap_backend_forced_uri=None, nosync=False, ldap_dryrun_mode=False, ldap_backend_extra_port=None):
+        ldap_backend_forced_uri=None, nosync=False, ldap_dryrun_mode=False,
+        ldap_backend_extra_port=None, base_schema=None):
     """Provision samba4
 
     :note: caution, this wipes all existing data!
@@ -2101,7 +2108,7 @@ def provision(logger, session_info, smbconf=None,
     ldapi_url = "ldapi://%s" % urllib.quote(paths.s4_ldapi_path, safe="")
 
     schema = Schema(domainsid, invocationid=invocationid,
-        schemadn=names.schemadn)
+        schemadn=names.schemadn, base_schema=base_schema)
 
     if backend_type == "ldb":
         provision_backend = LDBBackend(backend_type, paths=paths,
diff --git a/python/samba/schema.py b/python/samba/schema.py
index eaa01640c64..bc3ae057484 100644
--- a/python/samba/schema.py
+++ b/python/samba/schema.py
@@ -76,7 +76,8 @@ class Schema(object):
     }
 
     def __init__(self, domain_sid, invocationid=None, schemadn=None,
-                 files=None, override_prefixmap=None, additional_prefixmap=None):
+                 files=None, override_prefixmap=None, additional_prefixmap=None,
+                 base_schema=None):
         from samba.provision import setup_path
 
         """Load schema for the SamDB from the AD schema files and
@@ -89,6 +90,11 @@ class Schema(object):
         needing to add it to the db
         """
 
+        if base_schema is None:
+            base_schema = Schema.default_base_schema()
+
+        self.base_schema = base_schema
+
         self.schemadn = schemadn
         # We need to have the am_rodc=False just to keep some warnings quiet -
         # this isn't a real SAM, so it's meaningless.
@@ -97,8 +103,8 @@ class Schema(object):
             self.ldb.set_invocation_id(invocationid)
 
         self.schema_data = read_ms_schema(
-            setup_path('ad-schema/MS-AD_Schema_2K8_R2_Attributes.txt'),
-            setup_path('ad-schema/MS-AD_Schema_2K8_R2_Classes.txt'))
+            setup_path('ad-schema/%s' % Schema.base_schemas[base_schema][0]),
+            setup_path('ad-schema/%s' % Schema.base_schemas[base_schema][1]))
 
         if files is not None:
             for file in files:
@@ -108,9 +114,10 @@ class Schema(object):
             {"SCHEMADN": schemadn})
         check_all_substituted(self.schema_data)
 
+        schema_version = str(Schema.get_version(base_schema))
         self.schema_dn_modify = read_and_sub_file(
             setup_path("provision_schema_basedn_modify.ldif"),
-            {"SCHEMADN": schemadn})
+            {"SCHEMADN": schemadn, "OBJVERSION" : schema_version})
 
         descr = b64encode(get_schema_descriptor(domain_sid))
         self.schema_dn_add = read_and_sub_file(
diff --git a/source4/setup/provision_schema_basedn_modify.ldif b/source4/setup/provision_schema_basedn_modify.ldif
index 93266db6249..e4057c3caf3 100644
--- a/source4/setup/provision_schema_basedn_modify.ldif
+++ b/source4/setup/provision_schema_basedn_modify.ldif
@@ -6,5 +6,5 @@ changetype: modify
 -
 # "masteredBy", "msDs-masteredBy" filled in later
 replace: objectVersion
-objectVersion: 47
+objectVersion: ${OBJVERSION}